summaryrefslogtreecommitdiff
path: root/docs/podman-create.1.md
Commit message (Collapse)AuthorAge
* Remove --tmpfs size defaultAshley Cui2019-08-14
| | | | | | | Docker has unlimited tmpfs size where Podman had it set to 64mb. Should be standard between the two. Remove noexec default Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
* Set -env variables as appropriateQi Wang2019-07-30
| | | | | | | | close #3648 podman create and podman run do not set --env variable if the environment is not present with a value Signed-off-by: Qi Wang <qiwan@redhat.com>
* podman: support --userns=ns|containerGiuseppe Scrivano2019-07-25
| | | | | | | | allow to join the user namespace of another container. Closes: https://github.com/containers/libpod/issues/3629 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #3579 from QiWang19/dns_netOpenShift Merge Robot2019-07-19
|\ | | | | fix --dns and --network conflict
| * fix --dns* and --network not set to host conflictQi Wang2019-07-18
| | | | | | | | | | | | | | Close #3553 This PR makes --dns, --dns-option, --dns-search, and --network not set to host flag mutually exclusive for podman build and create. Returns conflict error if both flags are set. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | libpod: support for cgroup namespaceGiuseppe Scrivano2019-07-18
|/ | | | | | | | | | | | | | allow a container to run in a new cgroup namespace. When running in a new cgroup namespace, the current cgroup appears to be the root, so that there is no way for the container to access cgroups outside of its own subtree. By default it uses --cgroup=host to keep the previous behavior. To create a new namespace, --cgroup=private must be provided. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Make the healthcheck flags compatible with Docker CLIHunor Csomortáni2019-07-16
| | | | | | | | | | | | Docker CLI calls the healthcheck flags "--health-*", instead of "--healthcheck-*". Introduce the former, in order to keep compatibility, and alias the later, in order to avoid breaking current usage. Change "--healthcheck-*" to "--health-*" in the docs and tests. Signed-off-by: Hunor Csomortáni <csomh@redhat.com>
* create: improve parser for --healthcheck-commandStefan Becker2019-07-14
| | | | | | | | | | | | | | | | Fix Docker CLI compatibility issue: the "--healthcheck-command" option value should not be split but instead be passed as single string to "CMD-SHELL", i.e. "/bin/sh -c <opt>". On the other hand implement the same extension as is already available for "--entrypoint", i.e. allow the option value to be a JSON array of strings. This will make life easier for tools like podman-compose. Updated "--healthcheck-command" option values in tests accordingly. Continuation of #3455 & #3507 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* Merge pull request #3557 from rhatdan/envOpenShift Merge Robot2019-07-12
|\ | | | | Add support for --env-host
| * Fix spelling mistakes in man pages and other docsDaniel J Walsh2019-07-11
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Add glob parsing for --env flagDaniel J Walsh2019-07-11
| | | | | | | | | | | | Sometimes you want to add a few environmen variables based on the last field being a "*". Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Add support for -env-hostDaniel J Walsh2019-07-11
| | | | | | | | | | | | | | | | | | | | This flag passes the host environment into the container. The basic idea is to leak all environment variables from the host into the container. Environment variables from the image, and passed in via --env and --env-file will override the host environment. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #3491 from giuseppe/rlimit-hostOpenShift Merge Robot2019-07-11
|\ \ | |/ |/| podman: add --ulimit host
| * podman: add --ulimit hostGiuseppe Scrivano2019-07-08
| | | | | | | | | | | | | | | | | | add a simple way to copy ulimit values from the host. if --ulimit host is used then the current ulimits in place are copied to the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | docs: fix --healthcheck-command optionStefan Becker2019-07-08
|/ | | | | | | | Make the documentation agree with the code. Related #3507 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* libpod: specify a detach keys sequence in libpod.confMarco Vedovati2019-06-26
| | | | | | Add the ability of specifying a detach keys sequence in libpod.conf Signed-off-by: Marco Vedovati <mvedovati@suse.com>
* Fix documentation for log-driverPeter Hunt2019-06-19
| | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
* cmd, docs, test: fix some typosGiuseppe Scrivano2019-06-18
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* storage: support --mount type=bind,bind-nonrecursiveGiuseppe Scrivano2019-06-13
| | | | | | | | add support for not recursive bind mounts. Closes: https://github.com/containers/libpod/issues/3314 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* standardize documentation formattingAshley Cui2019-06-10
| | | | Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
* Update completions and docs to use k8s file as log driverPeter Hunt2019-05-28
| | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
* podman: honor env variable PODMAN_USERNSGiuseppe Scrivano2019-05-24
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* userns: add new option --userns=keep-idGiuseppe Scrivano2019-05-24
| | | | | | | it creates a namespace where the current UID:GID on the host is mapped to the same UID:GID in the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Fixup FlagsDaniel J Walsh2019-05-20
| | | | | | | | Mark hidden all references to signature-policy Default all uses of --authfile Add --authfile support to podman run and podman create. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #3072 from mheon/no_rm_volumeOpenShift Merge Robot2019-05-08
|\ | | | | Do not remove volumes when --rm removes a container
| * Do not remove volumes when --rm removes a containerMatthew Heon2019-05-06
| | | | | | | | | | | | | | | | This duplicates Docker behavior for the `--rm` flag. Fixes #3071 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | podman-run|create man updatesbaude2019-05-07
|/ | | | | | | the healthcheck commands were not being specified in the man pages for run and create. Signed-off-by: baude <bbaude@redhat.com>
* Fix manpage typosMatthew Heon2019-05-03
| | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Address review comments on restart policyMatthew Heon2019-05-03
| | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Add manpage information for restart policyMatthew Heon2019-05-03
| | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* docs: Fix typo "healthcheck" pt2TomSweeneyRedHat2019-05-02
| | | | | | Replaces #2988. Want to get this is for v1.3. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* http-proxy: improve docsJames Cassell2019-05-01
| | | | Signed-off-by: James Cassell <code@james.cassell.me>
* auto pass http_proxy into containerJames Cassell2019-04-30
| | | | Signed-off-by: James Cassell <code@james.cassell.me>
* Add --read-only-tmpfs optionsDaniel J Walsh2019-04-26
| | | | | | | | | | | The --read-only-tmpfs option caused podman to mount tmpfs on /run, /tmp, /var/tmp if the container is running int read-only mode. The default is true, so you would need to execute a command like --read-only --read-only-tmpfs=false to turn off this behaviour. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Resolve review commentsMatthew Heon2019-03-27
| | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Add manpages and completions for dns=none and no-hostsMatthew Heon2019-03-27
| | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Corrected detach man pages and code commentsJhon Honce2019-03-13
| | | | | | * Updated documentation to match code Signed-off-by: Jhon Honce <jhonce@redhat.com>
* healtcheck phase 2baude2019-03-12
| | | | | | | | | | | | | | | | | | | | | | | | | | integration of healthcheck into create and run as well as inspect. healthcheck enhancements are as follows: * add the following options to create|run so that non-docker images can define healthchecks at the container level. * --healthcheck-command * --healthcheck-retries * --healthcheck-interval * --healthcheck-start-period * podman create|run --healthcheck-command=none disables healthcheck as described by an image. * the healthcheck itself and the healthcheck "history" can now be observed in podman inspect * added the wiring for healthcheck history which logs the health history of the container, the current failed streak attempts, and log entries for the last five attempts which themselves have start and stop times, result, and a 500 character truncated (if needed) log of stderr/stdout. The timings themselves are not implemented in this PR but will be in future enablement (i.e. next). Signed-off-by: baude <bbaude@redhat.com>
* Remove --rm and --detach don't coexist noteTomSweeneyRedHat2019-03-11
| | | | | | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> With later changes of Podman, you can now use both the --rm and --detach in a single run command. This PR removes the documentation in the man pages saying this is not allowed. Fixes: #2601
* Add examples for CobraTomSweeneyRedHat2019-02-14
| | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> First pass of entries for the Examples listed in the Cobra Help. Will add others in following PR's.
* Add troubleshooting information about running a rootless containers.Daniel J Walsh2019-02-10
| | | | | | | Add a problem statement about shadow-utils and missing entries from /etc/subuid and /etc/subgid. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add documentation on running systemd on SELinux systemsDaniel J Walsh2019-02-06
| | | | | | | | Lots of users are attempting to run systemd within a container. They are being blocked from running SELinux systems since they need the container_manage_cgroup which is not enabled by default. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* List the long variant of each option before its shorter counterpartDebarshi Ray2019-01-09
| | | | | | This is the style followed in most of the other man pages. Signed-off-by: Debarshi Ray <rishi@fedoraproject.org>
* add container-init supportValentin Rothberg2019-01-04
| | | | | | | | | | | | | | | | | | | Add support for executing an init binary as PID 1 in a container to forward signals and reap processes. When the `--init` flag is set for podman-create or podman-run, the init binary is bind-mounted to `/dev/init` in the container and "/dev/init --" is prepended to the container's command. The default base path of the container-init binary is `/usr/libexec/podman` while the default binary is catatonit [1]. This default can be changed permanently via the `init_path` field in the `libpod.conf` configuration file (which is recommended for packaging) or temporarily via the `--init-path` flag of podman-create and podman-run. [1] https://github.com/openSUSE/catatonit Fixes: #1670 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Add information on --restartDaniel J Walsh2018-12-18
| | | | | | | We need to recommend that users use Systemd unit files if they want the container to restart automatically. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* create pod on the flybaude2018-12-03
| | | | | | | | | | when a user specifies --pod to podman create|run, we should create that pod automatically. the port bindings from the container are then inherited by the infra container. this signicantly improves the workflow of running containers inside pods with podman. the user is still encouraged to use podman pod create to have more granular control of the pod create options. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #1317 from rhatdan/privilegedOpenShift Merge Robot2018-11-30
|\ | | | | Disable mount options when running --privileged
| * Disable mount options when running --privilegedDaniel J Walsh2018-11-28
| | | | | | | | | | | | | | | | We now default to setting storage options to "nodev", when running privileged containers, we need to turn this off so the processes can manipulate the image. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | network: allow slirp4netns mode also for root containersGiuseppe Scrivano2018-11-28
|/ | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Touch up --log* options and daemons in man pagesTomSweeneyRedHat2018-11-07
| | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>